Skip to content

Commit

Permalink
fix(tpg v5)!: rule.rate_limit_options.enforce_on_key has not default …
Browse files Browse the repository at this point in the history 
…value (#77)
  • Loading branch information
@imrannayer
imrannayer authored Oct 24, 2023
1 parent a15110f commit a9a0198
Show file tree
Hide file tree
Showing 9 changed files with 9 additions and 146 deletions.
3 changes: 3 additions & 0 deletions docs/upgrading_to_v2.0.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,6 @@
The v2.0 release contains backwards-incompatible changes.

This update requires upgrading the minimum provider version to `4.79`.

### TPG max version is bumped to 5.x
In `4.X`, the default value for `rule.rate_limit_options.enforce_on_key` is `ALL`. In `5.X` this field no longer has a default value. If you need `All` you will need to set it explicitly. See [Rule 2](https://github.com/GoogleCloudPlatform/terraform-google-cloud-armor/blob/main/examples/security-policy-all/main.tf) in `examples/security-policy-all` folder for reference.
28 changes: 0 additions & 28 deletions examples/security-policy-all/versions.tf
View file

This file was deleted.

28 changes: 0 additions & 28 deletions examples/security-policy-edge/versions.tf
View file

This file was deleted.

28 changes: 0 additions & 28 deletions examples/security-policy-managed-protection-plus/versions.tf
View file

This file was deleted.

28 changes: 0 additions & 28 deletions examples/security-policy-recaptcha/versions.tf
View file

This file was deleted.

28 changes: 0 additions & 28 deletions examples/simple-example/versions.tf
View file

This file was deleted.

6 changes: 3 additions & 3 deletions test/integration/security-policy-all/security_policy_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ func TestSecurityPolicyAll(t *testing.T) {
assert.Equal("throttle", sp.Get("action").String(), "priority 2 rule has expected action")
assert.Equal("XSS Sensitivity Level 2 with excluded rules", sp.Get("description").String(), "priority 2 rule has expected description")
assert.Equal("allow", sp.Get("rateLimitOptions.conformAction").String(), "priority 2 rule has expected Rate limit confirm action")
assert.Equal("ALL", sp.Get("rateLimitOptions.enforceOnKey").String(), "priority 2 rule has expected Rate limit enforce on key")
assert.Equal("", sp.Get("rateLimitOptions.enforceOnKey").String(), "priority 2 rule has expected Rate limit enforce on key")
assert.Equal("deny(502)", sp.Get("rateLimitOptions.exceedAction").String(), "priority 2 rule has expected Rate limit exceed action")
assert.Equal("10", sp.Get("rateLimitOptions.rateLimitThreshold.count").String(), "priority 2 rule has expected Rate limit threshold count")
assert.Equal("60", sp.Get("rateLimitOptions.rateLimitThreshold.intervalSec").String(), "priority 2 rule has expected Rate limit threshold interval")
Expand Down Expand Up @@ -170,7 +170,7 @@ func TestSecurityPolicyAll(t *testing.T) {
assert.Equal(srcIpRanges[0].String(), "45.116.227.71", "priority 15 rule found first valid cidr range")
assert.Equal(srcIpRanges[1].String(), "190.217.68.214", "priority 15 rule found second valid cidr range")
assert.Equal("allow", sp.Get("rateLimitOptions.conformAction").String(), "priority 15 rule has Rate limit confirm action")
assert.Equal("ALL", sp.Get("rateLimitOptions.enforceOnKey").String(), "priority 15 rule has Rate limit Enforce on key")
assert.Equal("", sp.Get("rateLimitOptions.enforceOnKey").String(), "priority 15 rule has Rate limit Enforce on key")
assert.Equal("deny(502)", sp.Get("rateLimitOptions.exceedAction").String(), "priority 15 rule has Rate limit exceed action")
assert.Equal("10", sp.Get("rateLimitOptions.rateLimitThreshold.count").String(), "priority 15 rule has Rate limit threshold count")
assert.Equal("60", sp.Get("rateLimitOptions.rateLimitThreshold.intervalSec").String(), "priority 15 rule has Rate limit threshold interval")
Expand Down Expand Up @@ -202,7 +202,7 @@ func TestSecurityPolicyAll(t *testing.T) {
assert.Equal("Throttle specific IP address in US Region", sp.Get("description").String(), "priority 23 rule has expected description")
assert.Equal("origin.region_code == \"US\" && inIpRange(origin.ip, '47.185.201.159/32')\n", sp.Get("match.expr.expression").String(), "priority 23 rule has expected expression")
assert.Equal("allow", sp.Get("rateLimitOptions.conformAction").String(), "priority 23 rule has Rate limit confirm action")
assert.Equal("ALL", sp.Get("rateLimitOptions.enforceOnKey").String(), "priority 23 rule has Rate limit Enforce on key")
assert.Equal("", sp.Get("rateLimitOptions.enforceOnKey").String(), "priority 23 rule has Rate limit Enforce on key")
assert.Equal("deny(502)", sp.Get("rateLimitOptions.exceedAction").String(), "priority 23 rule has Rate limit exceed action")
assert.Equal("10", sp.Get("rateLimitOptions.rateLimitThreshold.count").String(), "priority 23 rule has Rate limit threshold count")
assert.Equal("60", sp.Get("rateLimitOptions.rateLimitThreshold.intervalSec").String(), "priority 23 rule has Rate limit threshold interval")
Expand Down
2 changes: 1 addition & 1 deletion test/integration/simple-example/simple_example_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -205,7 +205,7 @@ func TestSimpleExample(t *testing.T) {
assert.Equal("Throttle specific IP address in US Region", sp.Get("description").String(), "priority 23 rule has expected description")
assert.Equal("origin.region_code == \"US\" && inIpRange(origin.ip, '47.185.201.159/32')\n", sp.Get("match.expr.expression").String(), "priority 23 rule has expected expression")
assert.Equal("allow", sp.Get("rateLimitOptions.conformAction").String(), "priority 23 rule has Rate limit confirm action")
assert.Equal("ALL", sp.Get("rateLimitOptions.enforceOnKey").String(), "priority 23 rule has Rate limit Enforce on key")
assert.Equal("", sp.Get("rateLimitOptions.enforceOnKey").String(), "priority 23 rule has Rate limit Enforce on key")
assert.Equal("deny(502)", sp.Get("rateLimitOptions.exceedAction").String(), "priority 23 rule has Rate limit exceed action")
assert.Equal("10", sp.Get("rateLimitOptions.rateLimitThreshold.count").String(), "priority 23 rule has Rate limit threshold count")
assert.Equal("60", sp.Get("rateLimitOptions.rateLimitThreshold.intervalSec").String(), "priority 23 rule has Rate limit threshold interval")
Expand Down
4 changes: 2 additions & 2 deletions versions.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,11 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
version = ">= 4.79.0, < 5.0"
version = ">= 4.79.0, < 6"
}
google-beta = {
source = "hashicorp/google-beta"
version = ">= 4.79.0, < 5.0"
version = ">= 4.79.0, < 6"
}
}
provider_meta "google" {
Expand Down

0 comments on commit a9a0198

Please sign in to comment.